Merge branch 'RE-10691-fp' into 'master'

RED-10691: 500 when approving file in a dossier where dossier owner lost manager role Closes RE-10691 See merge request redactmanager/persistence-service!930
RED-10691: 500 when approving file in a dossier where dossier owner lost manager role
2025-02-04 09:37:04 +01:00 · 2025-01-31 13:35:31 +01:00 · 2025-01-24 11:01:07 +01:00 · 2025-01-23 13:34:26 +01:00
4 changed files with 77 additions and 9 deletions
--- a/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/StatusController.java
+++ b/persistence-service-v1/persistence-service-external-api-impl-v1/src/main/java/com/iqser/red/persistence/service/v1/external/api/impl/controller/StatusController.java
@ -28,6 +28,7 @@ import org.springframework.web.bind.annotation.RestController;

 import com.iqser.red.service.persistence.management.v1.processor.acl.custom.dossier.DossierACLService;
 import com.iqser.red.service.persistence.management.v1.processor.exception.BadRequestException;
+import com.iqser.red.service.persistence.management.v1.processor.exception.ConflictException;
 import com.iqser.red.service.persistence.management.v1.processor.exception.NotAllowedException;
 import com.iqser.red.service.persistence.management.v1.processor.roles.ApplicationRoles;
 import com.iqser.red.service.persistence.management.v1.processor.service.AccessControlService;
@ -101,8 +102,13 @@ public class StatusController implements StatusResource {
        var accessibleDossierIds = filterByPermissionsService.onlyViewableDossierIds(new ArrayList<>(filesByDossier.getValue().keySet()));
        var response = new HashMap<String, List<FileStatus>>();
        for (var dossierId : accessibleDossierIds) {
-            var allFoundFiles = fileStatusManagementService.findAllDossierIdAndIds(dossierId, filesByDossier.getValue().get(dossierId));
-            response.put(dossierId, allFoundFiles.stream().map(FileStatusMapper::toFileStatus).collect(Collectors.toList()));
+            var allFoundFiles = fileStatusManagementService.findAllDossierIdAndIds(dossierId,
+                                                                                   filesByDossier.getValue()
+                                                                                           .get(dossierId));
+            response.put(dossierId,
+                         allFoundFiles.stream()
+                                 .map(FileStatusMapper::toFileStatus)
+                                 .collect(Collectors.toList()));
        }

        return new JSONPrimitive<>(response);
@ -351,6 +357,10 @@ public class StatusController implements StatusResource {
                                                  .build());

            var dossier = dossierACLService.enhanceDossierWithACLData(dossierManagementService.getDossierById(dossierId, false, false));
+
+            if (dossier.getOwnerId() == null) {
+                throw new ConflictException("Dossier has no owner!");
+            }
            if (!dossier.getOwnerId().equals(KeycloakSecurity.getUserId())) {

                var fileStatus = fileStatusManagementService.getFileStatus(fileId);
--- a/persistence-service-v1/persistence-service-server-v1/src/main/resources/application.yaml
+++ b/persistence-service-v1/persistence-service-server-v1/src/main/resources/application.yaml
@ -142,7 +142,8 @@ fforesight:
    ignored-endpoints: [ '/redaction-gateway-v1', '/actuator/health/**',"/redaction-gateway-v1/websocket","/redaction-gateway-v1/websocket/**", '/redaction-gateway-v1/async/download/with-ott/**',
                         '/internal-api/**', '/redaction-gateway-v1/docs/swagger-ui',
                         '/redaction-gateway-v1/docs/**','/redaction-gateway-v1/docs',
-                         '/api', '/api/','/api/docs/**','/api/docs','/api/docs/swagger-ui' ]
+                         '/api', '/api/','/api/docs/**','/api/docs','/api/docs/swagger-ui',
+                         '/actuator/prometheus']
    enabled: true
  springdoc:
    base-path: '/api'
--- a/persistence-service-v1/persistence-service-server-v1/src/test/java/com/iqser/red/service/peristence/v1/server/integration/tests/ApprovalTest.java
+++ b/persistence-service-v1/persistence-service-server-v1/src/test/java/com/iqser/red/service/peristence/v1/server/integration/tests/ApprovalTest.java
@ -1,13 +1,18 @@
 package com.iqser.red.service.peristence.v1.server.integration.tests;

+import static org.junit.Assert.assertThrows;
 import static org.junit.jupiter.api.Assertions.assertEquals;
 import static org.junit.jupiter.api.Assertions.assertFalse;
 import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.anyBoolean;
 import static org.mockito.ArgumentMatchers.anyString;
+import static org.mockito.Mockito.doAnswer;
 import static org.mockito.Mockito.when;

+import java.util.ArrayList;
 import java.util.List;
+import java.util.Set;

 import org.apache.commons.lang3.StringUtils;
 import org.junit.jupiter.api.Test;
@ -18,8 +23,8 @@ import com.iqser.red.service.peristence.v1.server.integration.client.FileClient;
 import com.iqser.red.service.peristence.v1.server.integration.service.DossierTemplateTesterAndProvider;
 import com.iqser.red.service.peristence.v1.server.integration.service.DossierTesterAndProvider;
 import com.iqser.red.service.peristence.v1.server.integration.service.FileTesterAndProvider;
-import com.iqser.red.service.peristence.v1.server.integration.service.TypeProvider;
 import com.iqser.red.service.peristence.v1.server.integration.utils.AbstractPersistenceServerServiceTest;
+import com.iqser.red.service.persistence.management.v1.processor.acl.custom.dossier.DossierACLService;
 import com.iqser.red.service.persistence.management.v1.processor.entity.configuration.LegalBasisEntity;
 import com.iqser.red.service.persistence.management.v1.processor.service.persistence.LegalBasisMappingPersistenceService;
 import com.iqser.red.service.persistence.service.v1.api.shared.model.DossierTemplateModel;
@ -33,6 +38,8 @@ import com.iqser.red.service.persistence.service.v1.api.shared.model.dossiertemp
 import com.iqser.red.service.persistence.service.v1.api.shared.model.warning.ApproveResponse;
 import com.iqser.red.service.persistence.service.v1.api.shared.model.warning.WarningType;

+import feign.FeignException;
+
 public class ApprovalTest extends AbstractPersistenceServerServiceTest {

    @Autowired
@ -44,15 +51,15 @@ public class ApprovalTest extends AbstractPersistenceServerServiceTest {
    @Autowired
    private DossierTesterAndProvider dossierTesterAndProvider;

-    @Autowired
-    private TypeProvider typeProvider;
-
    @Autowired
    private FileClient fileClient;

    @SpyBean
    private LegalBasisMappingPersistenceService legalBasisMappingPersistenceService;

+    @SpyBean
+    private DossierACLService dossierACLService;
+

    @Test
    public void testApprovalNoWarnings() {
@ -181,4 +188,54 @@ public class ApprovalTest extends AbstractPersistenceServerServiceTest {
        assertTrue(approveResponse.getFileWarnings().isEmpty());
    }

+
+    @Test
+    void testApprovalWhenDossierHasNoOwner() {
+
+        DossierTemplateModel dossierTemplateModel = dossierTemplateTesterAndProvider.provideTestTemplate();
+
+        Dossier dossier = dossierTesterAndProvider.provideTestDossier(dossierTemplateModel);
+
+        FileStatus file = fileTesterAndProvider.testAndProvideFile(dossier, "some-file");
+        fileTesterAndProvider.markFileAsProcessed(dossier.getId(), file.getFileId());
+
+        EntityLog entityLog = new EntityLog();
+
+        when(entityLogService.getEntityLog(anyString(), anyString(), anyBoolean())).thenReturn(entityLog);
+
+        List<com.iqser.red.service.persistence.management.v1.processor.service.users.model.User> allUsers = new ArrayList<>();
+        allUsers.add(com.iqser.red.service.persistence.management.v1.processor.service.users.model.User.builder()
+                             .userId("manageradmin1@test.com")
+                             .email("manageradmin1@test.com")
+                             .isActive(true)
+                             .roles(Set.of(getAllRoles()))
+                             .build());
+        allUsers.add(com.iqser.red.service.persistence.management.v1.processor.service.users.model.User.builder()
+                             .userId("manageradmin2@test.com")
+                             .email("manageradmin2@test.com")
+                             .isActive(true)
+                             .roles(Set.of("RED_USER"))
+                             .build());
+
+        when(usersClient.getAllUsers(false)).thenReturn(allUsers);
+        when(usersClient.getAllUsers(true)).thenReturn(allUsers);
+
+        doAnswer(invocation -> {
+            Dossier arg = invocation.getArgument(0);
+            if (dossier.getId().equals(arg.getId())) {
+                Dossier emptyDossier = new Dossier();
+                emptyDossier.setId(arg.getId());
+                return emptyDossier;
+            } else {
+                return invocation.callRealMethod();
+            }
+        }).when(dossierACLService).enhanceDossierWithACLData(any(Dossier.class));
+
+        FeignException ex = assertThrows(FeignException.Conflict.class, () -> {
+            fileClient.setStatusApproved(dossier.getId(), file.getFileId(), false);
+        });
+
+        assertTrue(ex.getMessage().contains("Dossier has no owner!"));
+    }
+
 }
--- a/persistence-service-v1/persistence-service-server-v1/src/test/java/com/iqser/red/service/peristence/v1/server/integration/utils/AbstractPersistenceServerServiceTest.java
+++ b/persistence-service-v1/persistence-service-server-v1/src/test/java/com/iqser/red/service/peristence/v1/server/integration/utils/AbstractPersistenceServerServiceTest.java
@ -261,7 +261,7 @@ public abstract class AbstractPersistenceServerServiceTest {
    @MockBean
    protected TenantsClient tenantsClient;
    @MockBean
-    private UsersClient usersClient;
+    protected UsersClient usersClient;
    @Autowired
    protected EncryptionDecryptionService encryptionDecryptionService;
    @Autowired
@ -286,7 +286,7 @@ public abstract class AbstractPersistenceServerServiceTest {
    private CurrentApplicationTypeProvider currentApplicationTypeProvider;


-    private static String[] getAllRoles() {
+    protected static String[] getAllRoles() {

        var allRoles = ApplicationRoles.ROLE_DATA.entrySet()
                .stream()
Author	SHA1	Message	Date
Maverick Studer	a441909408	Merge branch 'RE-10691-fp' into 'master' RED-10691: 500 when approving file in a dossier where dossier owner lost manager role Closes RE-10691 See merge request redactmanager/persistence-service!930	2025-02-04 09:37:04 +01:00
maverickstuder	a7bdbb5495	RED-10691: 500 when approving file in a dossier where dossier owner lost manager role	2025-01-31 13:35:31 +01:00
Dominique Eifländer	3c0b9d36d4	Merge branch 'OPS-284' into 'master' OPS-284: add prometheus endpoint Closes OPS-284 See merge request redactmanager/persistence-service!928	2025-01-24 11:01:07 +01:00
Christoph Schabert	9ff3035730	OPS-284: add prometheus endpoint	2025-01-23 13:34:26 +01:00